New NSA leak reveals scope of agency's war against crypto

The National Security Agency boasts the ability to compromise computer protocols meant to encrypt private internet data, leaked documents have revealed. But the NSA has fallen short of totally winning its war against crypto.

Classified NSA files
taken by former contractor Edward Snowden and published for the
first time by Der Spiegel on Sunday reveal that, while the United
States’ intelligence agency is indeed adept at cracking
encryption, its efforts are no match when it comes to some of the
more popular protocols used to keep communications
private.

The NSA – along with its Five Eyes partners in Canada, New
Zealand, Australia, and the UK – spends millions of dollars
annually to break encryption standards used to keep the web
secure, Spiegel reported over the weekend. Yet while previous
files published from the Snowden trove have already exposed to a
degree the scope of the NSA’s efforts, the latest installment
acknowledges for the first time that protocols including TLS/SSL,
SSH, PPTP and IPsec are exploited in order to give spies an
intimate look at internet traffic intended to be kept secret.

Released concurrently with a presentation given at the 31st
annual Chaos Communication Congress in Hamburg, Germany by two of
the article’s authors, the Spiegel piece explains that the NSA
and its allies use a plethora of practices to compromise computer
protocols, random number generators, and third-party software
advertised as being supposedly secure in an effort to gather
intelligence on alleged terrorists.

"Did you know that ubiquitous encryption on the Internet is a
major threat to NSA's ability to prosecute digital-network
intelligence (DNI) traffic or defeat adversary malware?"
reads an excerpt from one of dozens of classified government
documents published by the German paper.

Jacob Appelbaum, a co-author of the Spiegel piece, said during
Sunday’s event that the NSA’s efforts could best be understood as
being “a kind of neocolonialism” taking place in the digital era,
in which the US has invested billions over the last few decades
to tackle the tools that allow private communications to occur
over the web – but in secret.

“Wherein the colonies, [the] networks they do not have
through coercion of the state or through other surveillance
practices, they have to be compromised,” said Appelbaum.
“And those [become] targets and they become legitimate
targets, in theory, and in actuality, because of its usefulness,
because of the leverage that it provides against a speculative
target someday in the future.”

“That is, these networks become compromised in service of
being able to compromise future networks and other people, just
because they can. They set out to do that.”

Indeed, past Snowden leaks have revealed that major US-based tech
companies – including Skype, Yahoo and Facebook – participate in
an NSA program dubbed “PRISM,” in which they allow government
intelligence collectors to soak up data transmissions on the fly.
One of the just-released documents says explicitly that the fact
that the NSA “obtains cryptographic details of commercial
cryptographic information security systems through industry
relationships” must be kept top secret.

The latest Spiegel article notes that, with regard to Skype,
audio and video data is routinely taken into possession by the
NSA when an alleged suspect is on at least one end of the
conversation. In instances where companies won’t voluntarily be
complicit, however, agencies like the NSA are driven to
exploit those systems by whatever means necessary – like the
PPTP and IPsec mechanisms used by Virtual Private Networks
(VPNs), or the TLS/SSL protocol meant to secure web traffic.

That isn’t to say, though, that all is lost. According to the
Snowden docs, codebreakers at the NSA may have met their match
when it comes to certain software standards, even for the more
inexperienced online privacy proponents. The stand-alone
anonymity-centric operating system known as TAILS, and one of its
major components – Tor – pose major problems when it comes to
eavesdropping, the documents reveal, as do the TrueCrypt
software, which aims to secure files and documents shared among
persons or stored in secret on hard drives, and OTR – a protocol
that offers end-to-end encryption for instant messaging chats.

“For surveillance experts, it becomes very difficult to trace
the whereabouts of a person who visits a particular website or to
attack a specific person while they are using Tor to surf the
Web,” the Spiegel journalists reported. When used in concert
with OTR, TAILS, and other options, communications seem close to
impossible to crack, the report suggests.

As quoted by Spiegel, the source of the documents, Snowden said
more than a year ago that, indeed, encryption used correctly may
be the best option available for foiling efforts from the NSA to
eavesdrop on digital communications.

"Properly implemented strong crypto systems are one of the
few things that you can rely on," Snowden said in June 2013.